Fix salt generation. btoa() is problematic because it uses the String type, which cannot accommodate arbitrary sequences of bytes. This caused it to fail randomly when the user clicked "OK" in the metadata editor. Base64 is simple enough, I just implemented the encoding myself, though slightly simplified.

Increased number of salt bytes from 3 to 9.

Ceased using ScriptableUnicodeConverter in favor of a TextEncoder.

Removed compatibility with original metadata file format.

Fixed bug introduced in last version, where Saved Logins list would show blank rows if metadata editor is closed while a filter is in effect.

Now using JSON file for storage. Data is migrated out of SQLite database next time it needs to be loaded, and the relevant table is deleted. However, the database file is not deleted, just in case there are still other tables there.

Now decrypting metadata for storage in Sync. This is necessary, since different profiles have different SDR keys, unless key3.db was copied. Simply copying the encrypted data makes it unreadable on other profiles. (Sync encryption is still in effect, of course.)

Typo in defaultFieldConfig.js: "this_instantApply" should be "this._instantApply".

Hiding encrypt checkbox and table headers when deleting last row: check that rows.length < 2 should be rows.length < 1.

Also, now using preference sync on most Password Tags preferences, with the exception of useSyncService and logToConsole. The former is used to control part of Sync and as such must not itself be synched.

Added support for encrypting metadata (not including tags) using the Secret Decoder Ring service (nsILoginManagerCrypto, same as the login manager itself uses, which automatically handles a master password).

Added a "Metadata" column that shows whether a password has associated metadata (other than tags) and whether they are encrypted or not.

Added confirmation when deleting all metadata fields in editor.

Added option (enabled by default) to prompt for the master password when trying to edit encrypted metadata.

Added salting to username hashes in metadata records, in order to prevent identical usernames in different records from being linked to each other too easily.

Now using a cache for the database and using asynchronous statements for updates. After rereading the docs and experimenting, I realize now there isn't necessarily a problem with using both synchronous and asynchronous statements, particularly if they are on different tables.

Added Joseph A. Alfano as a contributor. He hasn't written any code, but he has been quite helpful in other ways, including feedback, bug reports, testing, and suggestions. Thanks.

Fixed bug with context submenu being empty if hidden and reshown without hiding and showing the main context menu.

Added metadata beyond simple tags. This is in the form of arbitrary named and typed fields (with the types being single-line text, multi-line text, and number). Fields to be added by default when first adding metadata can be configured.

Added handling of modifications in password manager to signonMetadataStorage, so as to make sure metadata doesn't become disconnected just because someone edited the hostname, etc. A preference is included to control whether the associated metadata should be deleted along with a login.

Removed "usernameField" and "passwordField" from metadata storage, since they're never used to identify a login record.

Now using signons.sqlite for storage (table dd_passwordtags_metadata).

For what little it's worth, SeaMonkey's Data Manager is now supported, because without a UI to access the Password Manager, the Data Manager is all you have. I've talked to the developer of Saved Passwords Button about adding support beyond Firefox, and he's responded favorably to the suggestion, so hopefully this add-on will once again become more than slightly useful for SeaMonkey users without unnecessarily installing Saved Password Editor or such.